The scams keep coming so I want to alert you about a new malware attack that looks like a legitimate email from DHL Express International. I learned about the scam from Graham Cluley’s recent article (www.nakedsecurity.sophos.com; “A DHL delivery which is nothing but malware-Windows users warned of email attack”).

How does it work? It’s a variation on the typical scam model so Windows users need to be on the alert.

As Mr. Cluley explains, spam emails go out with a header making it appear to be from DHL Express International. The subject line reads “DHL delivery report”, the message states that the recipient has a package waiting for him but the delivery couldn’t be made because of an error in the postal code. The recipient might know he hasn’t ordered anything but maybe someone has sent him a package. So the unsuspecting recipient follows the email instructions to print off the label. The message instructs the recipient to then take that printed label to the post office to claim the package.

Of course the only “package” the recipient will get is the package of malware that’s in the label file attached to the email. In the case of the latest DHL scam, the recipient’s Windows computer now is infested with the Troj/Bredo-AGB Trojan horse malware.

Mr. Cluley’s article has an excellent screen shot of the scam email. As with so many of these scams, the heading and logo look authentic so it’s understandable that people who are rushed, or unaware of the scam, might open the label file. When in doubt, go to the DHL website, call the toll-free number and confirm if there is a package en route to you.

You might recognize the email as a scam but others you know might not. That’s why I want to share this scam with you so you can alert others.